Security

Extras

Skype 'lol is this your new profile pic' Ransomware Warnings

Outline
Warnings circulating via email, text message and social media posts warn users to watch out for Skype "lol is this your new profile pic" SMS messages because links in these messages lead to malware.

Brief Analysis
The warnings are based on fact. Skype users who click on a link in messages that pose the question "lol is this your new profile pic?" may end up downloading and installing malware on their computers. Some of the malware is so called "ransomware" that can encrypt files on the infected computer and demand a fee to unlock it. Other components in the payload can conduct fraudulent ad clicks, allow criminals to take control of the infected computer and pass on copies of the scam messages to the victim's Skype contact list. The malware messages are circulating in German as well as English .

Hackers are putting an instant message "lol is this your new profile pic?" on skype clicking on it will open up a trojan horse. User can be locked out of their machine and the ask for a ransom? when the worm infects the computer it sends out the message to the users contact list . Unsuspecting recipents think the message has originated from someone they know and click on the link. found this on bbc news technology if you want to check it out

Detailed Analysis
A number of warnings in several languages that advise users to be cautious of Skype messages referring to a new profile pic are currently being passed around via social media posts, text message, email and Skype itself. The warnings claim that a link in messages reading "lol is this your new profile pic?", can install ransomware and other types of malware on the user's computer. Although some of the warnings are a little garbled, the information they contain is essentially correct.

A current malware campaign is using Skype SMS messages to distribute malware. Users who click on a link in the "new profile pic" messages may be tricked into downloading and opening a .zip file that contains a malicious payload that contains various types of malware. One type of malware in the payload reportedly encrypts files on the infected computer then demands a ransom of $200 to unlock the encrypted files. Another type of malware in the package can generate revenue for scammers by making fraudulent clicks on online advertisements. And, a trojan horse component in the package can make connections to remote servers and allow criminals to access and control the infected computer. The infection also sends the same scam message to people on the victim's Skype contact list.

Reports indicate that the malware messages are circulating in English and German, but it is possible that other language versions may follow. The actual text of the malware messages may also change. Skype users should be cautious of clicking any links in Skype messages. If you do inadvertently click such a link, do not unzip or install any files that are downloaded to your computer.